CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-1982

Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not initialize an unspecified object pointer during the opening of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "Office Uninitialized Object Pointer Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.585

EPSS Ranking 98.1%

CVSS Severity

CVSS v2 Score 9.3

References

http://www.kb.cert.org/vuls/id/909022
http://www.us-cert.gov/cas/techalerts/TA11-256A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-073
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12243
http://www.kb.cert.org/vuls/id/909022
http://www.us-cert.gov/cas/techalerts/TA11-256A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-073
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12243

Products affected by CVE-2011-1982

Microsoft » Office » Version: 2007

cpe:2.3:a:microsoft:office:2007
Microsoft » Office » Version: 2010

cpe:2.3:a:microsoft:office:2010

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-1982

Products

Pricing

Contact Us